CN104077538A - Method for privacy protection of data periodical issuing - Google Patents
Method for privacy protection of data periodical issuing Download PDFInfo
- Publication number
- CN104077538A CN104077538A CN201410321751.3A CN201410321751A CN104077538A CN 104077538 A CN104077538 A CN 104077538A CN 201410321751 A CN201410321751 A CN 201410321751A CN 104077538 A CN104077538 A CN 104077538A
- Authority
- CN
- China
- Prior art keywords
- grouping
- data
- gid
- individual
- extensive
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6254—Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/248—Presentation of query results
Abstract
The invention relates to a method for privacy protection of data periodical issuing. The method comprises the steps that when data are primarily issued, an original data record is firstly scanned, an individual is determined, recoding is conducted on the basis of identification, and primary information issuing is achieved on the basis of an anonymity model (k,1) for individual relevance SA grouping and individual relevance keeping; when periodical following issuing is conducted, the SA grouping distance between the same individuals of data to be issued and the data issued last time is worked out and a tuple is generalized for information issuing according to a local recoding method on the basis of an epsilon-grouping invariance rule. The individual relevance between the data issued last time and the data issued this time is thoroughly considered, and therefore privacy information of the individual is guaranteed.
Description
Technical field
The invention belongs to information privacy protection and issue security fields, be specifically related to the method for secret protection that a kind of data are periodically issued.
Background technology
A large amount of medical informations have the important value of statistical study and state of an illness research, and many-sided needs such as these privacy informations are shared in order to meet, scientific research, must carry out secret protection release processing to these information.K-anonymity is the important secret protection technology of a class in tradition table data field, but this technology is only applicable to the issue of static data, and this technology is also easily under attack.
The issue of medical data has the feature of periodically issuing conventionally; simultaneously in table to be released, body may corresponding many records one by one; in the time issuing, should go to consider from individual angle the protection of its privacy, and the relevance between distributing data while considering repeatedly to issue.
Medical data Table Properties is divided three classes: explicit identification accords with (Identifier), refers to know the attribute of identifying user identity, in order to protect personal information, usually before data are issued, these attributes is deleted or is encrypted; Standard identifier QI (Quasi Identifier) is present in privacy table and appearance simultaneously, and one group of attribute that can utilize chain to fetch mark individual information is called standard identifier attribute; Sensitive Attributes SA (Sensitive Attribute), such attribute kit has contained individual privacy information.
Summary of the invention
The problem existing for tradition table data field secret protection technology; the invention provides the method for secret protection that a kind of data are periodically issued; the safety of the privacy information having ensured from individual angle; the link of having resisted between table is attacked, and has farthest met the availability of data in protection privacy.
For achieving the above object, the concrete technical scheme of the present invention is as follows: the method for secret protection that a kind of data are periodically issued, comprises the steps:
(1) pre-service table to be released T, generated data table T (QI, GID, ID, SA);
(2) initialization publishing table T*; T* is empty anonymous table, and structure and T (QI, GID, ID, SA) are identical;
(3) judge that whether tables of data T (QI, GID, ID, SA) is for issuing first, if issue and go to step (4) first, otherwise go to step (8);
(4) set safeguard protection parameter k, l and ε;
(5) his-and-hers watches T (QI, GID, ID, SA) carries out extensive issue;
(6) tuple is retracted processing;
(7) whether look-up table T (QI, GID, ID, SA) record is entirely extensive, if incomplete extensive going to step (5), otherwise go to step (12);
(8) the SA grouping distance of same individuality in calculating T* (j-1) and T (j);
(9) according to SA grouping distance, T (j) is divided into two groups of T ' and T ";
(10) issue T (j) based on ε-grouping unchangeability rule;
(11) judge T " whether entirely extensive; Go to step (12) if completed, otherwise go to step (5);
(12) data have been issued, and table T* is that final secret protection releases news.
Further, in above-mentioned steps (1), pre-service table to be released comprises the steps:
(1.1) according to the classification of medical data attribute, the record that belongs to same individuality in tables of data to be released is carried out to ID mark, be expressed as the sheet form T (QI, ID, SA) of three generic attributes;
(1.2) each individuality of initialization is a grouping, adds grouping label GID, is expressed as T (QI, GID, ID, SA);
(1.3) merge the grouping with identical QI;
(1.4) delete explicit identification symbol;
Further, in above-mentioned steps (5), extensive issue comprises the steps:
(5.1) adopt the QI attribute in bottom-up Local Gravity And coding method his-and-hers watches T (QI, GID, ID, SA) to carry out extensive;
(5.2) every extensive some identical QI groupings that once just there will be, merge the grouping with identical QI, and mark GID again;
(5.3) grouping that meets individual associated (k, l)-anonymous constraint is removed in anonymous table T*;
Further, in above-mentioned steps (5.3), individual associated (k, l)-anonymous constraint condition is publishing table T* (QI, GID, ID, SA) must meet and in any one QI grouping in table, at least comprise the associated SA of individuality that k different individuality be greater than a setting value ε with l distance and divide into groups.
Further, in above-mentioned steps (8), the method for calculating grouping distance comprises the steps:
(8.1) confirm the degree of association between two Sensitive Attributes value v1 and v2 according to medical general knowledge, with RSA (v1, v2) expression, RSA ∈ [0,1], it is stronger that RSA more approaches 1 degree of association, in the time of v1=v2, RSA=1;
(8.2) based on calculation of relationship degree SA grouping distance, establish G
i1 sAand G
i2 sAthe SA grouping that is respectively two individual I1 and I2, the Sensitive Attributes degree of association between two groupings can be expressed as
, use R
sA(I1, I2) represents, the distance between individual SA grouping can be expressed as min (1-R
sA(I1, I2)), use Dis
sA(I1, I2) represents.
Further, in above-mentioned steps (10), the requirement of ε-grouping unchangeability rule is same individual I ' and the I appearing in table T* (j-1) and T* (j) " represent, if Dis
sA(I', I'')≤ε, so issuing individual I " time; in table T* (j), contain I " QI grouping must there is identical number of individuals with the QI grouping that contains I ' in T* (j-1), and between two QI groupings corresponding individual packets apart from being all less than or equal to ε.
The present invention has taken into full account in medical data that one by one body may corresponding many records, and same individuality may have due to the variation of the attributes such as age the feature of different QI attributes, in the time of release processing, utilize individual associated (k, l)-anonymous restricted model is considered as much as possible individual privacy but not is recorded the privacy on level, in the time of subsequent issued, utilize ε-grouping unchangeability rule to take into full account the individual relevance between twice distributing data in front and back, ensured individual privacy information simultaneously.
Brief description of the drawings
Fig. 1 is the method for secret protection process flow diagram that data of the present invention are periodically issued.
Embodiment
Below in conjunction with the drawings and specific embodiments, the invention will be further described.
As shown in Figure 1, the invention provides the method for secret protection that a kind of data are periodically issued, comprise the following steps:
(1) pre-service table to be released, comprises the steps:
(1.1) according to the classification of medical data attribute, the record that belongs to same individuality in tables of data to be released is carried out to ID mark, be expressed as the sheet form T (QI, ID, SA) of three generic attributes; Table to be released as a specific embodiment of the present invention is as shown in table 1;
Table 1
(1.2) each individuality of initialization is a grouping, adds grouping label GID, is expressed as form T (QI, GID, ID, SA);
(1.3) merge the grouping with identical QI;
(1.4) delete explicit identification symbol; The pretreated result of table to be released of the specific embodiment of the invention is as shown in table 2;
Table 2
(2) initialization publishing table T*, T* is the anonymous table of sky that structure is identical with T (QI, GID, ID, SA);
(3) judge that whether tables of data T (QI, GID, ID, SA) is for issuing first, if issue and go to step (4) first, otherwise go to step (8);
(4) set safeguard protection parameter k, l and ε, wherein, k is anonymous parameter, represents that each QI grouping of publishing table must at least comprise k Different Individual; L is diversity parameters, represents that each QI grouping of publishing table at least comprises l different SA grouping (belong to multiple Sensitive Attributes values of body one by one together and form a SA grouping); ε is SA grouping distance threshold, and in each QI grouping of expression publishing table, SA packet spacing is from being at least greater than ε;
(5) his-and-hers watches T (QI, GID, ID, SA) carries out extensive issue; Extensive issue is based on keeping individual associated (k, l)-anonymous constraint, comprising the steps:
(5.1) adopt the QI attribute in bottom-up Local Gravity And coding method his-and-hers watches T (QI, GID, ID, SA) to carry out extensive;
(5.2) every extensive some identical QI groupings that once just there will be, merge the grouping with identical QI, and mark GID again; In the specific embodiment of the invention, the result after his-and-hers watches 2 are extensive is as shown in table 3;
Table 3
(5.3) grouping that meets individual associated (k, l)-anonymous constraint is removed in anonymous table T*; Wherein, individual associated (k, l)-anonymous constraint condition is publishing table T* (QI, GID, ID, SA) must meet and in any one QI grouping in table, at least comprise the associated SA of individuality that k different individuality be greater than a setting value ε with l distance and divide into groups.
(6) tuple is retracted processing; Check all groupings in anonymous table T*, shift out the individual QI tuple of part if grouping exists, while still meeting individual associated (k, l)-anonymous constraint, these tuples are moved back in table T (QI, GID, ID, SA);
(7) whether look-up table T (QI, GID, ID, SA) record is entirely extensive, if incomplete extensive going to step (5), otherwise go to step (12);
(8) the SA grouping distance of same individuality in calculating T* (j-1) and T (j), wherein, T* (j-1) is the distributing data of the j-1 time, T (j) represents the j time data to be released (j>1), and the method for calculating grouping distance comprises the steps:
(8.1) confirm the degree of association between two Sensitive Attributes value v1 and v2 according to medical general knowledge, this degree of association refers to same individuality and suffers from the possibility of v1 and the v2 state of an illness (number percent) simultaneously, with RSA (v1, v2) represent, RSA ∈ [0,1], it is stronger that RSA more approaches 1 degree of association, in the time of v1=v2, RSA=1.
(8.2) based on calculation of relationship degree SA grouping distance, establish G
i1 sAand G
i2 sAthe SA grouping that is respectively two individual I1 and I2, the Sensitive Attributes degree of association between two groupings can be expressed as
, use R
sA(I1, I2) represents, the distance between individual SA grouping can be expressed as min (1-R
sA(I1, I2)), use Dis
sA(I1, I2) represents.
(9) according to SA grouping distance, T (j) is divided into two groups of T ' and T ", distance is less than or equal to the individuality composition record set T ' of ε, all the other composition record set T ";
(10) issue T (j) based on ε-grouping unchangeability rule; All individual records in record set T ' are carried out to release processing, choose one by one in order the record of body one by one in T ', corresponding QI grouping according to this individuality in table T* (j-1), by this individuality and record set T " together with; adopt the extensive tuple of bottom-up Local Gravity And coding method, structure meets the QI grouping of ε-grouping unchangeability rule; Add obtained QI grouping to T*, and delete T ' and T " in corresponding record; Wherein, the requirement of ε-grouping unchangeability rule is same individual I ' and the I appearing in table T* (j-1) and T* (j) " represent, if Dis
sA(I', I'')≤ε, so issuing individual T " time; in table T* (j), contain I " QI grouping must there is identical number of individuals with the QI grouping that contains I ' in T* (j-1), and between two QI groupings corresponding individual packets apart from being all less than or equal to ε.
(11) judge T " whether entirely extensive; Go to step (12) if completed, otherwise go to step (5);
(12) data have been issued, and table T* is that final secret protection releases news.
Claims (6)
1. the method for secret protection that data are periodically issued, is characterized in that, comprises the steps:
(1) pre-service table to be released T, generated data table T (QI, GID, ID, SA);
(2) initialization publishing table T*; T* is empty anonymous table, and structure and T (QI, GID, ID, SA) are identical;
(3) judge that whether tables of data T (QI, GID, ID, SA) is for issuing first, if issue and go to step (4) first, otherwise go to step (8);
(4) set safeguard protection parameter k, l and ε;
(5) his-and-hers watches T (QI, GID, ID, SA) carries out extensive issue;
(6) tuple is retracted processing;
(7) whether look-up table T (QI, GID, ID, SA) record is entirely extensive, if incomplete extensive going to step (5), otherwise go to step (12);
(8) the SA grouping distance of same individuality in calculating T* (j-1) and T (j);
(9) according to SA grouping distance, T (j) is divided into two groups of T ' and T ";
(10) issue T (j) based on ε-grouping unchangeability rule;
(11) judge T " whether entirely extensive; Go to step (12) if completed, otherwise go to step (5);
(12) data have been issued, and table T* is that final secret protection releases news.
2. the method for secret protection that a kind of data as claimed in claim 1 are periodically issued, is characterized in that: in step (1), described pre-service table to be released comprises the steps:
(1.1) according to the classification of medical data attribute, the record that belongs to same individuality in tables of data to be released is carried out to ID mark, be expressed as the sheet form T (QI, ID, SA) of three generic attributes;
(1.2) each individuality of initialization is a grouping, adds grouping label GID, is expressed as T (QI, GID, ID, SA);
(1.3) merge the grouping with identical QI;
(1.4) delete explicit identification symbol.
3. the method for secret protection that a kind of data as claimed in claim 1 are periodically issued, is characterized in that: in step (5), described extensive issue comprises the steps:
(5.1) adopt the QI attribute in bottom-up Local Gravity And coding method his-and-hers watches T (QI, GID, ID, SA) to carry out extensive;
(5.2) every extensive some identical QI groupings that once just there will be, merge the grouping with identical QI, and mark GID again;
(5.3) grouping that meets individual associated (k, l)-anonymous constraint is removed in anonymous table T*.
4. the method for secret protection that a kind of data as claimed in claim 3 are periodically issued; it is characterized in that: in step (5.3); described individual associated (k; l)-anonymous constraint condition is publishing table T* (QI; GID; ID, SA) must meet and in any one QI grouping in table, at least comprise the associated SA of individuality that k different individuality be greater than a setting value ε with l distance and divide into groups.
5. the method for secret protection that a kind of data as claimed in claim 1 are periodically issued, is characterized in that: in step (8), the method for described calculating grouping distance comprises the steps:
(8.1) confirm the degree of association between two Sensitive Attributes value v1 and v2 according to medical general knowledge, with RSA (v1, v2) expression, RSA ∈ [0,1], it is stronger that RSA more approaches 1 degree of association, in the time of v1=v2, RSA=1;
(8.2) based on calculation of relationship degree SA grouping distance, establish G
i1 sAand G
i2 sAthe SA grouping that is respectively two individual I1 and I2, the Sensitive Attributes degree of association between two groupings can be expressed as
use R
sA(I1, I2) represents, the distance between individual SA grouping can be expressed as min (1-R
sA(I1, I2)), use Dis
sA(I1, I2) represents.
6. the method for secret protection that a kind of data as claimed in claim 1 are periodically issued; it is characterized in that: in step (10); the requirement of described ε-grouping unchangeability rule is same individual I ' and the I appearing in table T* (j-1) and T* (j) " represent, if Dis
sA(I', I'')≤ε, so issuing individual I " time; in table T* (j), contain I " QI grouping must there is identical number of individuals with the QI grouping that contains I ' in T* (j-1), and between two QI groupings corresponding individual packets apart from being all less than or equal to ε.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410321751.3A CN104077538A (en) | 2014-07-07 | 2014-07-07 | Method for privacy protection of data periodical issuing |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410321751.3A CN104077538A (en) | 2014-07-07 | 2014-07-07 | Method for privacy protection of data periodical issuing |
Publications (1)
Publication Number | Publication Date |
---|---|
CN104077538A true CN104077538A (en) | 2014-10-01 |
Family
ID=51598788
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410321751.3A Pending CN104077538A (en) | 2014-07-07 | 2014-07-07 | Method for privacy protection of data periodical issuing |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104077538A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107688751A (en) * | 2017-08-17 | 2018-02-13 | 复旦大学 | A kind of adaptive method for secret protection of social media user behavior temporal mode |
-
2014
- 2014-07-07 CN CN201410321751.3A patent/CN104077538A/en active Pending
Non-Patent Citations (4)
Title |
---|
HUA JIN等: "《Fifth International Conference on Digital Image Processing》", 19 July 2013 * |
吕大鹏等: "《第二十四届中国数据库学术会议论文集》", 20 October 2007 * |
宋玉等: "《2010通信理论与技术新发展-第十五届全国青年通信学术会议论文集(下册)》", 6 August 2010 * |
张志祥等: "基于有损连接的个性化隐私保护", 《计算机工程与设计》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107688751A (en) * | 2017-08-17 | 2018-02-13 | 复旦大学 | A kind of adaptive method for secret protection of social media user behavior temporal mode |
CN107688751B (en) * | 2017-08-17 | 2021-02-26 | 复旦大学 | Self-adaptive privacy protection method for social media user behavior time mode |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Murthy et al. | A comparative study of data anonymization techniques | |
WO2016119275A1 (en) | Network account identifying and matching method | |
DE102018101307A1 (en) | SGX enclave remote authentication techniques | |
CN104866735B (en) | A kind of insertion of numeric type relational database watermark and extraction verification method | |
CN102855448B (en) | A kind of Field-level database encryption device | |
CN106650487A (en) | Multi-partite graph privacy protection method published based on multi-dimension sensitive data | |
Zhang et al. | Towards privacy preserving publishing of set-valued data on hybrid cloud | |
Jin et al. | 3D textured model encryption via 3D Lu chaotic mapping | |
CN105512523B (en) | The digital watermark embedding and extracting method of a kind of anonymization | |
CN103500302A (en) | System and method of safety lock hidden programs | |
Nergiz et al. | Hybrid k-anonymity | |
CN104156668A (en) | Privacy protection reissuing method for multiple sensitive attribute data | |
CN205901794U (en) | System for it encrypts to carry out selectivity to big data content | |
CN104537317B (en) | Control method that tenant is accessed self-defining data storehouse, device and system | |
CN104077538A (en) | Method for privacy protection of data periodical issuing | |
CN106685893B (en) | A kind of authority control method based on social networks group | |
Sreedhar et al. | A genetic TDS and BUG with pseudo-identifier for privacy preservation over incremental data sets | |
CN111191253B (en) | Data encryption combination method | |
CN204362091U (en) | A kind of fingerprint recognition router | |
CN104361066A (en) | Unstructured full-text retrieval system based on authorities | |
Punitha et al. | Methods and techniques to protect the privacy information in privacy preservation data mining | |
Dubli et al. | Secure Techniques of Data Anonymization for Privacy Preservation. | |
Yue-Qin et al. | Trusted Access Control model based on role and task in cloud computing | |
CN102946311A (en) | Key dispersed method for enhancing safety of symmetric key system | |
CN109492407A (en) | Data protection, data solution protect method, terminal and computer readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20141001 |